US issues alert about Microsoft email service

Thursday, 04. March 2021 01:26

United States Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to federal agencies that use Microsoft Corporation's Microsoft Exchange products to update or disconnect their on-premises servers until the available patch is applied.

"CISA partners have observed active exploitation of vulnerabilities in Microsoft Exchange on-premises products... Successful exploitation of these vulnerabilities allows an attacker to access on-premises Exchange Servers, enabling them to gain persistent system access and control of an enterprise network. CISA has determined that this exploitation of Microsoft Exchange on-premises products poses an unacceptable risk to Federal Civilian Executive Branch agencies and requires emergency action," the US government agency said in its directive.

Yesterday, Microsoft announced it "has detected multiple 0-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks," claiming "with high confidence" that "HAFNIUM, a group assessed to be state-sponsored and operating out of China" has been behind the attacks.

Related Links: Microsoft Corp.
Breaking the News / MS